Domain 4: Information Systems Operations and Business Resilience - PART 4A Flashcards

1
Q

An advantage of using unshielded twisted-pair (UTP) cable for data communication over other copper-based cables is that UTP cable:

A

Reduces crosstalk between pairs.

2
Q

Although management has stated otherwise, an IS auditor has reasons to believe that the organization is using software that is not licensed. In this situation, the IS auditor should FIRST:

A

Verify the software is in use through testing.

3
Q

The application systems of an organization using open-source software have no single recognized developer producing patches. Which of the following would be the MOST secure way of updating open-source software?

A

Identify and test suitable patches before applying them.

4
Q

As part of the business continuity planning process, which of the following should be identified FIRST in the business impact analysis?

A

Critical business processes for ascertaining the priority for recovery

5
Q

Authorizing access to application data is the responsibility of the:

A

Data owner.

6
Q

A batch transaction job failed in production; however, the same job returned no issues during user acceptance testing (UAT). Analysis of the production batch job indicates that it was altered after UAT. Which of the following ways would be the BEST to mitigate this risk in the future?

A

Ensure that developers do not have access to code after testing.

7
Q

The BEST audit procedure to determine if unauthorized changes have been made to production code is to:

A

examine object code to find instances of changes and trace them back to change control records.

8
Q

Business units are concerned about the performance of a newly implemented system. Which of the following should an IS auditor recommend?

A

Develop a baseline and monitor system usage.

9
Q

A clerk changed the interest rate for a loan on a master file. The rate entered is outside the normal range for such a loan. Which of the following controls is MOST effective in providing reasonable assurance that the change was authorized?

A

The system will not process the change until the clerk’s manager confirms the change by entering an approval code.

10
Q

Code erroneously excluded from a production release was subsequently moved into the production environment, bypassing normal change procedures. Which of the following choices is of MOST concern to the IS auditor performing a postimplementation review?

A

The change did not have change management approval.

11
Q

A database administrator (DBA) who needs to make emergency changes to a database after normal working hours should log in:

A

With their named account to make the changes.

12
Q

A database administrator has detected a performance problem with some tables, which could be solved through denormalization. This situation will increase the risk of:

A

a loss of data integrity.

13
Q

The database administrator suggests that database efficiency can be improved by denormalizing some tables. This would result in:

A

increased redundancy.

14
Q

Data flow diagrams are used by IS auditors to:

A

graphically summarize data paths and storage.

15
Q

Doing which of the following during peak production hours could result in unexpected downtime?

A

Doing which of the following during peak production hours could result in unexpected downtime?

16
Q

Due to resource constraints, a developer requires full access to production data to support certain problems reported by production users. Which of the following choices would be a good compensating control for controlling unauthorized changes in production?

A

Provide and monitor separate developer login IDs for programming and for production support

17
Q

During a change control audit of a production system, an IS auditor finds that the change management process is not formally documented and that some migration procedures failed. What should the IS auditor do next?

A

Gain more assurance on the findings through root cause analysis.

18
Q

During a data center audit, an IS auditor observes that some parameters in the tape management system are set to bypass or ignore tape header records. Which of the following is the MOST effective compensating control for this weakness?

A

Staging and job setup

19
Q

During a human resources (HR) audit, an IS auditor is informed that there is a verbal agreement between the IT and HR departments as to the level of IT services expected. In this situation, what should the IS auditor do FIRST?

A

Confirm the content of the agreement with both departments.

20
Q

During an application audit, an IS auditor is asked to provide assurance of the database referential integrity. Which of the following should be reviewed?

A

Foreign key structure

21
Q

During an application audit, the IS auditor finds several problems related to corrupt data in the database. Which of the following is a CORRECTIVE control that the IS auditor should recommend?

A

Proceed with restore procedures.

22
Q

During an assessment of software development practices, an IS auditor finds that open source software components were used in an application designed for a client. What is the GREATEST concern the auditor would have about the use of open source software?

A

The organization and client must comply with open source software license terms.

23
Q

During an audit of a small company that provides medical transcription services, an IS auditor observes several issues related to the backup and restore process. Which of the following should be the auditor’s GREATEST concern?

A

The company stores transcription backup tapes offsite using a third-party service provider, which inventories backup tapes annually.

24
Q

During an audit of a small enterprise, the IS auditor noted that the IS director has superuser-privilege access that allows the director to process requests for changes to the application access roles (access types). Which of the following should the IS auditor recommend?

A

Implement a properly documented process for application role change requests.

25
Q

During an implementation review of a recent application deployment, it was determined that several incidents were assigned incorrect priorities and, because of this, failed to meet the business service level agreement (SLA). What is the GREATEST concern?

A

The support model was not properly developed and implemented.

26
Q

During fieldwork, an IS auditor experienced a system crash caused by a security patch installation. To provide reasonable assurance that this event will not recur, the IS auditor should ensure that:

A

the client’s change management process is adequate.

27
Q

During maintenance of a relational database, several values of the foreign key in a transaction table have been corrupted. The consequence is that:

A

the detail of involved transactions may no longer be associated with master data, causing errors when these transactions are processed.

28
Q

During the audit of a database server, which of the following would be considered the GREATEST exposure?

A

Default global security settings for the database remain unchanged.

29
Q

During the review of an enterprise’s preventive maintenance process for systems at a data center, the IS auditor has determined that adequate maintenance is being performed on all critical computing, power and cooling systems. Additionally, it is MOST important for the IS auditor to ensure that the organization:

A

performs maintenance during noncritical processing times.

30
Q

During the review of an in-house developed application, the GREATEST concern to an IS auditor is if a:

A

manager initiates a change request and subsequently approves it.

31
Q

During the review of data file change management controls, which of the following BEST helps to decrease the research time needed to investigate exceptions?

A

Transaction logs

32
Q

Emergency changes that bypass the normal change control process are MOST acceptable if:

A

management reviews and approves the changes after they have occurred.

33
Q

An enterprise uses privileged accounts to process configuration changes for mission-critical applications. Which of the following would be the BEST and appropriate control to limit the risk in such a situation?

A

Ensure that supervisory approval and review are performed for critical changes.

34
Q

The FIRST step in the execution of a problem management mechanism should be:

A

exception reporting.

35
Q

The GREATEST advantage of using web services for the exchange of information between two systems is:

A

efficient interfacing.

36
Q

A hard disk containing confidential data was damaged beyond repair. If the goal is to positively prevent access to the data by anyone else, what should be done to the hard disk before it is discarded?

A

Destruction

37
Q

If a database is restored using before-image dumps, where should the process begin following an interruption?

A

Before the last transaction

38
Q

In an online transaction processing system, data integrity is maintained by ensuring that a transaction is either completed in its entirety or not at all. This principle of data integrity is known as:

A

atomicity.

39
Q

In a relational database with referential integrity, the use of which of the following keys would prevent deletion of a row from a customer table as long as the customer number of that row is stored with live orders on the orders table?

A

Foreign key

40
Q

In a small organization, developers may release emergency changes directly to production. Which of the following will BEST control the risk in this situation?

A

Approve and document the change the next business day.

41
Q

In auditing a database environment, an IS auditor will be MOST concerned if the database administrator is performing which of the following functions?

A

Installing patches or upgrades to the operating system

42
Q

In evaluating programmed controls over password management, which of the following is the IS auditor MOST likely to rely on?

A

A validity check

43
Q

An IS auditor analyzing the audit log of a database management system finds that some transactions were partially executed as a result of an error and have not been rolled back. Which of the following transaction processing features has been violated?

A

Atomicity

44
Q

An IS auditor determined that the IT manager recently changed the vendor that is responsible for performing maintenance on critical computer systems to cut costs. While the new vendor is less expensive, the new maintenance contract specifies a change in incident resolution time specified by the original vendor. Which of the following should be the GREATEST concern to the IS auditor?

A

Application owners were not informed of the change.

45
Q

An IS auditor discovers that developers have operator access to the command line of a production environment operating system. Which of the following controls would BEST mitigate the risk of undetected and unauthorized program changes to the production environment?

A

Hash keys are calculated periodically for programs and matched against hash keys calculated for the most recent authorized versions of the programs.

46
Q

An IS auditor discovers that some hard drives disposed of by an enterprise were not sanitized in a manner that would reasonably ensure the data could not be recovered. In addition, the enterprise does not have a written policy on data disposal. The IS auditor should FIRST:

A

determine the sensitivity of the information on the hard drives.

47
Q

An IS auditor discovers that some users have installed personal software on their PCs. This is not explicitly forbidden by the security policy. Of the following, the BEST approach for an IS auditor is to recommend that the:

A

security policy be updated to include the specific language regarding unauthorized software.

48
Q

An IS auditor examining the security configuration of an operating system should review the:

A

parameter settings.

49
Q

An IS auditor finds out-of-range data in some tables of a database. Which of the following controls should the IS auditor recommend to avoid this situation?

A

Implement integrity constraints in the database.

50
Q

An IS auditor finds that a database administrator (DBA) has read and write access to production data. The IS auditor should:

A

assess the controls relevant to the DBA function.

51
Q

An IS auditor finds that database administrators (DBAs) have access to the log location on the database server and the ability to purge logs from the system. What is the BEST audit recommendation to ensure that DBA activity is effectively monitored?

A

Forward database logs to a centralized log server to which the DBAs do not have access.

52
Q

An IS auditor finds that the data warehouse query performance decreases significantly at certain times of the day. Which of the following controls would be MOST relevant for the IS auditor to review?

A

User spool and database limit controls

53
Q

An IS auditor has been assigned to conduct a test that compares job run logs to computer job schedules. Which of the following observations would be of the GREATEST concern to the IS auditor?

A

There were instances when some jobs were overridden by computer operators.

54
Q

An IS auditor has discovered that a new patch is available for an application, but the IT department has decided that the patch is not needed because other security controls are in place. What should the IS auditor recommend?

A

Assess the overall risk, then recommend whether to deploy the patch.

55
Q

An IS auditor is assessing services provided by an Internet service provider (ISP) during an IS compliance audit of a nationwide corporation that operates a governmental program. Which of the following is MOST important?

A

Review the service level agreement.

56
Q

An IS auditor is assisting in the design of the emergency change control procedures for an organization with a limited budget. Which of the following recommendations BEST helps to establish accountability for the system support personnel?

A

Production access is granted to the individual support ID when needed.

57
Q

An IS auditor is evaluating network performance for an organization that is considering increasing its Internet bandwidth due to a performance degradation during business hours. Which of the following is MOST likely the cause of the performance degradation?

A

Unauthorized network activities

58
Q

An IS auditor is evaluating the effectiveness of the change management process in an organization. What is the MOST important control that the IS auditor should look for to ensure system availability?

A

Test plans and procedures exist and are closely followed.

59
Q

An IS auditor is reviewing a monthly accounts payable transaction register using audit software. For what purpose would the auditor be interested in using a check digit?

A

To detect data transposition errors

60
Q

An IS auditor is reviewing an organization’s disaster recovery plan (DRP) implementation. The project was completed on time and on budget. During the review, the auditor uncovers several areas of concern. Which of the following presents the GREATEST risk?

A

The business impact analysis was conducted, but the results were not used.

61
Q

An IS auditor is reviewing database security for an organization. Which of the following is the MOST important consideration for database hardening?

A

The default configurations are changed.

62
Q

An IS auditor is reviewing the change management process for an enterprise resource planning application. Which of the following is the BEST method for testing program changes?

A

Trace a sample of modified programs to supporting change tickets.

63
Q

An IS auditor is to assess the suitability of a service level agreement (SLA) between the organization and the supplier of outsourced services. To which of the following observations should the IS auditor pay the MOST attention? The SLA does not contain a:

A

transition clauses from the old supplier to a new supplier or back to internal in the case of expiration or termination.

64
Q

An IS auditor needs to review the procedures used to restore a software application to its state prior to an upgrade. Therefore, the auditor needs to assess:

A

backout procedures.

65
Q

An IS auditor notes that patches for the operating system used by an organization are deployed by the IT department as advised by the vendor. The MOST significant concern an IS auditor should have with this practice is that IT has NOT considered:

A

delaying deployment until testing the impact of the patch.

66
Q

An IS auditor observed that users are occasionally granted the authority to change system data. This elevated system access yet is required for smooth functioning of business operations. Which of the following controls would the IS auditor MOST likely recommend for long-term resolution?

A

Review policy to see if a formal exception process is required.

67
Q

The IS auditor observes that the latest security-related software patches for a mission-critical system were released two months ago, but IT personnel have not yet installed the patches. The IS auditor should:

A

review the patch management policy and determine the risk associated with this condition.

68
Q

An IS auditor of a health care organization is reviewing contractual terms and conditions of a third-party cloud provider being considered to host patient health information. Which of the following contractual terms would be the GREATEST risk to the customer organization?

A

The third-party provider reserves the right to access data to perform certain operations.

69
Q

An IS auditor performing an application maintenance audit would review the log of program changes for the:

A

authorization of program changes.

70
Q

An IS auditor reviewing a new outsourcing contract with a service provider would be MOST concerned if which of the following was missing?

A

A clause providing a “right to audit” the service provider

71
Q

An IS auditor reviewing database controls discovered that changes to the database during normal working hours were handled through a standard set of procedures. However, changes made after normal hours required only an abbreviated number of steps. In this situation, which of the following would be considered an adequate set of compensating controls?

A

Use the DBA user account to make changes, log the changes and review the change log the following day.

72
Q

An IS auditor reviewing the application change management process for a large multinational company should be MOST concerned when:

A

the configuration management database is not maintained.

73
Q

An IS auditor should recommend the use of library control software to provide reasonable assurance that:

A

program changes have been authorized.

74
Q

A new application has been purchased from a vendor and is about to be implemented. Which of the following choices is a key consideration when implementing the application?

A

Ensuring that vendor default accounts and passwords have been disabled

75
Q

A new business requirement required changing database vendors. Which of the following areas should the IS auditor PRIMARILY examine in relation to this implementation?

A

Integrity of the data

76
Q

A new database is being set up in an overseas location to provide information to the general public and to increase the speed at which the information is made available. The overseas database is to be housed at a data center and will be updated in real time to mirror the information stored locally. Which of the following areas of operations should be considered as having the HIGHEST risk?

A

The hardware being used to run the database application

77
Q

The objective of concurrency control in a database system is to:

A

ensure integrity when two processes attempt to update the same data at the same time.

78
Q

Of the following alternatives, the FIRST approach to developing a disaster recovery strategy would be to assess whether:

A

a cost-effective, built-in resilience can be implemented.

79
Q

Online banking transactions are being posted to the database when processing suddenly comes to a halt. The integrity of the transaction processing is BEST ensured by:

A

database commits and rollbacks.

80
Q

An organization has implemented an online customer help desk application using a software as a service (SaaS) operating model. An IS auditor is asked to recommend the best control to monitor the service level agreement (SLA) with the SaaS vendor as it relates to availability. What is the BEST recommendation that the IS auditor can provide?

A

Implement an online polling tool to monitor the application and record outages.

81
Q

An organization has outsourced its help desk function. Which of the following indicators would be the BEST to include in the service level agreement?

A

First call resolution rate

82
Q

An organization has recently installed a security patch, which crashed the production server. To minimize the probability of this occurring again, an IS auditor should:

A

ensure that a good change management process is in place.

83
Q

An organization is considering using a new IT service provider. From an audit perspective, which of the following would be the MOST important item to review?

A

The proposed service level agreement with the service provider

84
Q

The PRIMARY benefit of an IT manager monitoring technical capacity is to:

A

ensure that the service level requirements are met.

85
Q

The PRIMARY objective of service-level management is to:

A

define, agree on, record and manage the required levels of service.

86
Q

A programmer maliciously modified a production program to change data and then restored it back to the original code. Which of the following would MOST effectively detect the malicious activity?

A

Reviewing system log files

87
Q

The purpose of code signing is to provide assurance that:

A

the software has not been subsequently modified.

88
Q

Responsibility and reporting lines cannot always be established when auditing automated systems because:

A

ownership is difficult to establish where resources are shared.

89
Q

The responsibility for authorizing access to a business application system belongs to the:

A

data owner.

90
Q

To verify that the correct version of a data file was used for a production run, an IS auditor should review:

A

system logs.

91
Q

A vendor has released several critical security patches over the past few months and this has put a strain on the ability of the administrators to keep the patches tested and deployed in a timely manner. The administrators have asked if they could reduce the testing of the patches. What approach should the organization take?

A

Continue the current process of testing and applying patches.

92
Q

Vendors have released patches fixing security flaws in their software. Which of the following should an IS auditor recommend in this situation?

A

Assess the impact of patches prior to installation.

93
Q

What would be the MOST effective control for enforcing accountability among database users accessing sensitive information?

A

Implement a log management process.

94
Q

When performing a database review, an IS auditor notices that some tables in the database are not normalized. The IS auditor should next:

A

review the justification.

95
Q

When reviewing a hardware maintenance program, an IS auditor should assess whether:

A

the program is validated against vendor specifications.

96
Q

When reviewing system parameters, an IS auditor’s PRIMARY concern should be that:

A

they are set to meet both security and performance requirements.

97
Q

When reviewing the desktop software compliance of an organization, the IS auditor should be MOST concerned if the installed software:

A

is not listed in the approved software standards document.

98
Q

Which of the following activities performed by a database administrator should be performed by a different person?

A

Deleting database activity logs

99
Q

Which of the following activities should the business continuity manager perform FIRST after the replacement of hardware at the primary information processing facility?

A

Update the IT asset inventory

100
Q

Which of the following assures an enterprise of the existence and effectiveness of internal controls relative to the service provided by a third party?

A

A recent independent third-party external audit report

101
Q

Which of the following BEST ensures that users have uninterrupted access to a critical, heavily used web-based application?

A

Load balancing

102
Q

Which of the following BEST helps prioritize the recovery of IT assets when planning for a disaster?

A

Business impact analysis

103
Q

Which of the following choices BEST ensures accountability when updating data directly in a production database?

A

Review of audit logs

104
Q

Which of the following controls would be MOST effective in ensuring that production source code and object code are synchronized?

A

Date and time-stamp reviews of source and object code

105
Q

Which of the following controls would provide the GREATEST assurance of database integrity?

A

Table link/reference checks

106
Q

Which of the following database controls would ensure that the integrity of transactions is maintained in an online transaction processing system’s database?

A

Commitment and rollback controls

107
Q

Which of the following is a MAJOR concern during a review of help desk activities?

A

Resolved incidents are closed without reference to end users.

108
Q

Which of the following is a network diagnostic tool that monitors and records network information?

A

Protocol analyzer

109
Q

Which of the following is a prevalent risk in the development of end-user computing applications?

A

Applications may not be subject to testing and IT general controls.

110
Q

Which of the following is MOST directly affected by network performance monitoring tools?

A

Availability

111
Q

Which of the following is MOST important when an operating system patch is to be applied to a production environment?

A

Approval from the information asset owner

112
Q

Which of the following issues should be a MAJOR concern to an IS auditor who is reviewing a service level agreement (SLA)?

A

Service measures were not included in the SLA.

113
Q

Which of the following is the BEST method for an IS auditor to verify that critical production servers are running the latest security updates released by the vendor?

A

Run an automated tool to verify the security patches on production servers.

114
Q

Which of the following is the BEST way to ensure that incident response activities are consistent with the requirements of business continuity?

A

Develop a scenario and perform a structured walk-through.

115
Q

Which of the following is the MOST critical to the quality of data in a data warehouse?

A

Accuracy of the source data

116
Q

Which of the following is the MOST effective when determining the correctness of individual account balances migrated from one database to another?

A

Perform sample testing of the migrated account balances.

117
Q

Which of the following is the MOST efficient and sufficiently reliable way to test the design effectiveness of a change control process?

A

Perform an end-to-end walk-through of the process

118
Q

Which of the following is the MOST likely reason an organization implements an emergency change to an application using the emergency change control process?

A

There is a high probability of a significant impact on operations.

119
Q

Which of the following is widely accepted as one of the critical components in networking management?

A

Configuration and change management

120
Q

Which of the following processes should an IS auditor recommend to assist in the recording of baselines for software releases?

A

Configuration management

121
Q

Which of the following processes will be MOST effective in reducing the risk that unauthorized software on a backup server is distributed to the production server?

A

Review changes in the software version control system.

122
Q

Which of the following reports is the MOST appropriate source of information for an IS auditor to validate that an Internet service provider (ISP) has been complying with an enterprise service level agreement for the availability of outsourced telecommunication services?

A

Downtime reports on the telecommunication services generated by the enterprise

123
Q

Which of the following reports should an IS auditor use to check compliance with a service level agreement’s requirement for uptime?

A

Availability reports

124
Q

Which of the following security measures BEST ensures the integrity of information stored in a data warehouse?

A

A read-only restriction

125
Q

Which of the following should an incident response team address FIRST after a major incident in an information processing facility?

A

Containment at the facility

126
Q

Which of the following should an IS auditor recommend for the protection of specific sensitive information stored in a data warehouse?

A

Implement column- and row-level permissions

127
Q

Which of the following should the IS auditor review to ensure that servers are optimally configured to support processing requirements?

A

Server utilization data

128
Q

Which of the following tests performed by an IS auditor would be the MOST effective in determining compliance with change control procedures in an organization?

A

Identify changes that have occurred and verify approvals.

129
Q

Which of the following would an IS auditor consider to be MOST helpful when evaluating the effectiveness and adequacy of a preventive computer maintenance program?

A

A system downtime log

130
Q

Which of the following would an IS auditor consider to be the MOST important to review when conducting a disaster recovery audit?

A

Data backups are performed timely and stored offsite.

131
Q

Which of the following would an IS auditor use to determine if unauthorized modifications were made to production programs?

A

Compliance testing

132
Q

Which of the following would BEST help to detect errors in data processing?

A

Hash totals

133
Q

Which of the following would help to ensure the portability of an application connected to a database?

A

Usage of a Structured Query Language

134
Q

While auditing an e-commerce architecture, an IS auditor notes that customer master data are stored on the web server for six months after the transaction date and then purged due to inactivity. Which of the following should be the PRIMARY concern for the IS auditor?

A

Confidentiality of customer data

135
Q

While conducting an audit on the customer relationship management application, the IS auditor observes that it takes a significantly long time for users to log on to the system during peak business hours as compared with other times of the day. Once logged on, the average response time for the system is within acceptable limits. Which of the following choices should the IS auditor recommend?

A

Establish performance measurement criteria for the authentication servers.

136
Q

While designing the business continuity plan for an airline reservation system, the MOST appropriate method of data transfer/backup at an offsite location would be:

A

shadow file processing.

137
Q

While performing a review of a critical third-party application, an IS auditor would be MOST concerned with discovering:

A

an inadequate software escrow agreement.

138
Q

While reviewing the process for continuous monitoring of the capacity and performance of IT resources, an IS auditor should PRIMARILY ensure that the process is focused on:

A

providing accurate feedback on IT resource capacity.